Vulnerabilities in absinthe-graphql
3 resultsCVE-2026-43967HIGHQuadratic fragment-name uniqueness check causes denial of service in absintheEPSS 0.6%CVE-2026-42793HIGHAtom table exhaustion via attacker-controlled GraphQL SDL names in absintheEPSS 0.6%CVE-2026-42794LOWReflected XSS via backslash bypass in GraphiQL js_escape in absinthe_plugEPSS 0.3%